package com.ym.web.shiro;


import com.aliyun.openservices.shade.com.alibaba.fastjson.JSONObject;
import com.ym.manager.sys.model.AdminUser;
import com.ym.utils.Common;
import com.ym.utils.Constants;
import com.ym.utils.Logger;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;

/**
 * 方法描述:绑定登录用户信息
 * <p>
 * author LZH
 * version v1.0
 * date 2016/6/13 10:31
 */
public class SysUserFilter extends AccessControlFilter {

    /**用户删除了后重定向的地址*/
    private String userDeletedUrl;

    /**用户锁定后重定向的地址*/
    private String userLockedUrl;

    /**未知错误*/
    private String userUnknownErrorUrl;

    @Override
    protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
        Subject subject = getSubject(request, response);
        if (subject == null) {
            return true;
        }
        long begin = System.currentTimeMillis();
        HttpServletRequest request1 = (HttpServletRequest)request;
        HttpServletResponse response1 = (HttpServletResponse)response;
        request.setCharacterEncoding("utf-8");
        String uri = request1.getRequestURI();
        //限制请求内容大小
        AdminUser user = (AdminUser)subject.getPrincipal();
        Logger.info("请求信息   Url：[" + uri +"] 操作人员["+user.getId()+"_"+user.getName()+"] 参数:  " + JSONObject.toJSONString(this.getaramsMaps(request1.getParameterMap())) +" 请求结果  时间 " + (System.currentTimeMillis()-begin) + "毫秒");
        //String username = (String) subject.getPrincipal();
        // 此处注意缓存 防止大量的查询db
        //SysUser user = sysUserService.findByUsername(username);



        // 把当前用户放到session中
        request.setAttribute(Constants.CURRENT_USER, user);
        //druid监控需要
        //((HttpServletRequest)request).getSession().setAttribute(Constants.CURRENT_USERNAME, username);
        return true;
    }
    public Map<String, Object> getaramsMaps(Map<String, String[]> params ) {
        Map<String, Object> paramsMaps = new HashMap<>();
        if(Common.isEmpty(params) || params.size()<=0)
            return paramsMaps;
        Iterator<Map.Entry<String, String[]>> iterator =  params.entrySet().iterator();
        while (iterator.hasNext()) {
            Map.Entry<String, String[]> next = iterator.next();
            paramsMaps.put(next.getKey(), next.getValue()[0]);
        }
        return paramsMaps;
    }
    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object object) throws Exception {
        AdminUser user = (AdminUser) request.getAttribute(Constants.CURRENT_USER);
        if (user == null) {
            return true;
        }
        return true;
    }

    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        getSubject(request, response).logout();
        redirectToLogin(request, response);
        return true;
    }
}
